Checks/check-ORCA230.ps1
|
<#
230 - Check for duplicate anti-phishing policies #> using module "..\ORCA.psm1" class ORCA230 : ORCACheck { <# CONSTRUCTOR with Check Header Data #> ORCA230() { $this.Control=230 $this.Services=[ORCAService]::MDO $this.Area="Microsoft Defender for Office 365 Policies" $this.Name="Anti-phishing Rules" $this.PassText="Each domain has a Anti-phishing policy applied to it, or the default policy is being used" $this.FailRecommendation="Check your anti-phishing policies for duplicate rules. Some policies and settings may not be applying." $this.Importance="Microsoft Defender for Office 365 Anti-phishing policies are applied using rules. The default anti-phishing policy applies in the absence of a custom policy. When creating custom policies, there may be duplication of settings and depending on the rules and priority, some policies or settings may not even apply. It's important in this circumstance to check that the desired settings are applied to the right users." $this.ExpandResults=$True $this.CheckType=[CheckType]::ObjectPropertyValue $this.ObjectType="Domain" $this.ItemName="Policy" $this.DataType="Priority" $this.Links= @{ "Microsoft 365 Defender Portal - Antiphishing policies"="https://security.microsoft.com/antiphishing" "Order and precedence of email protection"="https://aka.ms/orca-atpp-docs-4" "Setting up antiphishing policies"="https://aka.ms/orca-atpp-docs-2" "Recommended settings for EOP and Microsoft Defender for Office 365"="https://aka.ms/orca-atpp-docs-7" } } <# RESULTS #> GetResults($Config) { ForEach($AcceptedDomain in $Config["AcceptedDomains"]) { # Set up the config object $Rules = @() # Go through each Safe Links Policy ForEach($Rule in ($Config["AntiPhishRules"] | Sort-Object Priority)) { if($Rule.State -eq "Enabled") { if($Rule.RecipientDomainIs -contains $AcceptedDomain.Name -and ($Rule.ExceptIfRecipientDomainIs -notcontains $AcceptedDomain.Name) -and ($null -eq $Rule.ExceptIfSentToMemberOf ) -and ($null -eq $Rule.ExceptIfSentTo) ) { # Policy applies to this domain $Rules += New-Object -TypeName PSObject -Property @{ PolicyName=$($Rule.AntiPhishPolicy) Priority=$($Rule.Priority) } } } } ForEach($Rule in ($Config["EOPProtectionPolicyRule"] | Sort-Object Priority)) { if(($Rule.AntiPhishPolicy -ne "") -and ($null -ne $Rule.AntiPhishPolicy )) { if($Rule.State -eq "Enabled") { if($Rule.RecipientDomainIs -contains $AcceptedDomain.Name -and ($Rule.ExceptIfRecipientDomainIs -notcontains $AcceptedDomain.Name) -and ($null -eq $Rule.ExceptIfSentToMemberOf ) -and ($null -eq $Rule.ExceptIfSentTo) ) { # Policy applies to this domain $Rules += New-Object -TypeName PSObject -Property @{ PolicyName=$($Rule.AntiPhishPolicy) Priority=$($Rule.Priority) } } } } } If($Rules.Count -gt 0) { $Count = 0 $CountOfPolicies = ($Rules).Count ForEach($r in ($Rules | Sort-Object Priority)) { $IsBuiltIn = $false $policyname = $($r.PolicyName) $priority =$($r.Priority) if($policyname -match "Built-In" -and $CountOfPolicies -gt 1) { $IsBuiltIn =$True $policyname = "$policyname" +" [Built-In]" } elseif(($policyname -eq "Default" -or $policyname -eq "Office365 AntiPhish Default") -and $CountOfPolicies -gt 1) { $IsBuiltIn =$True $policyname = "$policyname" +" [Default]" } $Count++ $ConfigObject = [ORCACheckConfig]::new() $ConfigObject.Object=$($AcceptedDomain.Name) $ConfigObject.ConfigItem=$policyname $ConfigObject.ConfigData=$priority If($Count -eq 1) { # First policy based on priority is a pass if($IsBuiltIn) { $ConfigObject.InfoText = "This is a Built-In/Default policy managed by Microsoft and therefore cannot be edited. Other policies are set up in this area. It is being flagged only for informational purpose." $ConfigObject.SetResult([ORCAConfigLevel]::Informational,"Fail") } else { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Pass") } } else { if($IsBuiltIn) { $ConfigObject.InfoText = "This is a Built-In/Default policy managed by Microsoft and therefore cannot be edited. Other policies are set up in this area. It is being flagged only for informational purpose." $ConfigObject.SetResult([ORCAConfigLevel]::Informational,"Fail") } else { # Additional policies based on the priority should be listed as informational $ConfigObject.InfoText = "There are multiple policies that apply to this domain, only the policy with the lowest priority will apply. This policy may not apply based on a lower priority." $ConfigObject.SetResult([ORCAConfigLevel]::Informational,"Fail") } } $this.AddConfig($ConfigObject) } } elseif($Rules.Count -eq 0) { <# No policy is applying to this domain For anti-phishing this is OK because we fall back to the default #> $ConfigObject = [ORCACheckConfig]::new() $ConfigObject.Object=$($AcceptedDomain.Name) $ConfigObject.ConfigItem="Default" $ConfigObject.ConfigData="Default" $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Pass") $this.AddConfig($ConfigObject) } } } } # SIG # Begin signature block # MIIl/QYJKoZIhvcNAQcCoIIl7jCCJeoCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCAmhRZZG3JDUr19 # kOIcLvBOJ+3q0zFQ5yBSiHFUW7ms/6CCC7UwggUaMIIEAqADAgECAhMzAAAFwWtu # fQG/Bj+tAAEAAAXBMA0GCSqGSIb3DQEBCwUAMHkxCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xIzAhBgNVBAMTGk1pY3Jvc29mdCBUZXN0aW5nIFBD # QSAyMDEwMB4XDTIzMDkyMTE4MTE0MloXDTI0MDkxODE4MTE0MlowfDELMAkGA1UE # BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAc # BgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdQ29kZSBTaWdu # IFRlc3QgKERPIE5PVCBUUlVTVCkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK # AoIBAQCjZPhOmWqhsCZshcxkJdnaUWYvbT72V/l1hgVjHnd6h5WrFUenJ0EswFmi # f0kY9NnUq0R/WB1mo0kIjRgqxnVUdCbaHEl7Dl2yq2Qa086tf/zbRBXo5kitssgq # zzQr/pvNTM93zH5SVcWsRCOFyLyEgR2foSzdC83bUpaSNT9YskbkiWUD5S4nyLBi # HRMP2fshdykl6q0XP2RM0020vv93miIrnc69ZmQak1KmZlwWgWtK9uSc/3m3T1sk # 9piA5LP2csBfgi37qtGuuyh+2D3e9Ds25JutIvlOSFVrWVrQlYhvvyztwzbrAlbG # ZGivyw6zO4S59daxxsRUWFDWPKtFAgMBAAGjggGWMIIBkjAOBgNVHQ8BAf8EBAMC # B4AwEwYDVR0lBAwwCgYIKwYBBQUHAwMwHQYDVR0OBBYEFGByvk1Je5Cl5oP8kQWu # IV7lpwtVMFQGA1UdEQRNMEukSTBHMS0wKwYDVQQLEyRNaWNyb3NvZnQgSXJlbGFu # ZCBPcGVyYXRpb25zIExpbWl0ZWQxFjAUBgNVBAUTDTIzMDA3Mis1MDE1NjcwHwYD # VR0jBBgwFoAUv2Wiq291o05FllcFzzmH9MAVHBwwXAYDVR0fBFUwUzBRoE+gTYZL # aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jcmwvTWljcm9zb2Z0JTIw # VGVzdGluZyUyMFBDQSUyMDIwMTAoMSkuY3JsMGkGCCsGAQUFBwEBBF0wWzBZBggr # BgEFBQcwAoZNaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9N # aWNyb3NvZnQlMjBUZXN0aW5nJTIwUENBJTIwMjAxMCgxKS5jcnQwDAYDVR0TAQH/ # BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAntepJCM1sNEpjz+qB6VNV+W3+m4tLLA/ # 3S+8iay6i7OOndw7+QZ18l0aYaVzBTUXkCFARqYCCoXNOWdQ5QODJpUgdcOjDCK6 # X+/EPOx4jh0nLMTnJrwg0LGWpBEOv+rG+kR5Aoy3NG1NAbNaGcGl10wlpuMDjOFO # GVDTYqBM8XsgtmnekyUzmWxfzdAN532ABD+NwOy35LdrBJbsjIARh8ydZA8qeuBV # IKVngA/JGGx55N9QsbilyKVipuL+kxZJb1qYXusnqNufi8MEU3vgwfQFjVtj3k13 # R4H5vbHaHc0arlodPjhRrBcAAl0di6Lo+SI8J96X48GZUeC8iud24TCCBpMwggR7 # oAMCAQICEzMAAAAtNXpGiMkHcdgAAAAAAC0wDQYJKoZIhvcNAQELBQAwgZAxCzAJ # BgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25k # MR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xOjA4BgNVBAMTMU1pY3Jv # c29mdCBUZXN0aW5nIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTAwHhcN # MjAxMjEwMjA0MzIwWhcNMzUwNjE3MjEwNDExWjB5MQswCQYDVQQGEwJVUzETMBEG # A1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWlj # cm9zb2Z0IENvcnBvcmF0aW9uMSMwIQYDVQQDExpNaWNyb3NvZnQgVGVzdGluZyBQ # Q0EgMjAxMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL88YIGrvuz/ # 1xdj8qZC0RNinLAXzrpGGnsiLlVzmlS5xtTRypj+d0cNjp3wXsz4VO/yzyrUYvGp # NAoE18UFhvIQ9U3TlghmhdsCfRjc4nojp5opXa55GM8MY/Aa/4GpqUM/qQu5UfGz # SDr8RC5fEcVWOv/KDs2ICMH9x9X1Pu/qThtyiyO9RTeeH3DBp8m4IHPt82w9iyEF # z3cS/qHcB+kNW3gJbDJVEEfQN8jH9/pz/kY05FYWqDdkU9Y1+8OAto62hpGhENbB # SvbjetQRCrLeLp4Ql+CBrhJdiAFdzKTEKFKcYPAK5oivS+lXiuyjDzceKfZdIdPX # 2l0OyU7bjW0CAwEAAaOCAfowggH2MA4GA1UdDwEB/wQEAwIBhjASBgkrBgEEAYI3 # FQEEBQIDAQABMCMGCSsGAQQBgjcVAgQWBBTqn18zttBfnq3rLabBArtAOMvntTAd # BgNVHQ4EFgQUv2Wiq291o05FllcFzzmH9MAVHBwwVAYDVR0gBE0wSzBJBgRVHSAA # MEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMv # RG9jcy9SZXBvc2l0b3J5Lmh0bTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAP # BgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKMBBH4wiDPruTGcyuuFdmf8ZbTR # MFkGA1UdHwRSMFAwTqBMoEqGSGh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kv # Y3JsL3Byb2R1Y3RzL01pY1Rlc1Jvb0NlckF1dF8yMDEwLTA2LTE3LmNybDCBjQYI # KwYBBQUHAQEEgYAwfjBNBggrBgEFBQcwAoZBaHR0cDovL3d3dy5taWNyb3NvZnQu # Y29tL3BraS9jZXJ0cy9NaWNUZXNSb29DZXJBdXRfMjAxMC0wNi0xNy5jcnQwLQYI # KwYBBQUHMAGGIWh0dHA6Ly9vbmVvY3NwLm1pY3Jvc29mdC5jb20vb2NzcDANBgkq # hkiG9w0BAQsFAAOCAgEAJ7TQhbKezA+kKlNz1W3a1zEAyPb/Y8j2ARG1GJLa3LT5 # rybo/Ep5vcFnsIgDeWXPNTUFWI7igwaW9bp+EllQm+Dw1T2dCfO7Rs2HvXTid9BG # BnoiGmkrZCy5izmADOqCJyKiMFciJNkhP6tpRrfDr8HGXrzZj5FWI5Op8iYuRHb0 # unIj0ZlvW0VkU+KVlPG2SEC/d/CxOJRzkAIsawEIlnrOUs6dlPORNJy3Wg6+cPyN # vCf2dfuM1tTWqNaa1Qjqq6LJ6DVH1X9ZL7MH1txWNpdT4gGKfLBsjuexms7V3QaB # DgXAy3nX3D62vfjS3RBd+jZBNIPvXW6JBWOysYVCfFqTIgpjeMo/SyhS70G3LRjC # SWPRMBxYn5tqYGommnyhdRss/ja7icxBIKcrDKP3/QFQUP6gnT0EBhFqd0AyGnn+ # LbPUE8fkZgyggQzExS4BZpoW7VGNCVoy5Cp+7KM/yyHA1JXv6eU4hQ+FYX2ZwHL2 # EB137rJZ8qfsroVswEpwEDZziDun3NSRSMJA5HDPpP07KXwGo8x6KEgMF5Kzlq40 # Q1esCNGMzFR6xMkNIWeTZyF2y95a05Dj439zQbtZ2kjRGsknbkrQ2xVY1d016BDR # J2YroCSmEsJoc6GBzNZ4IqTeazXaiYiubpKehPCw84t5ef+13LSUGN/mYBwyaLIx # ghmeMIIZmgIBATCBkDB5MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3Rv # bjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0 # aW9uMSMwIQYDVQQDExpNaWNyb3NvZnQgVGVzdGluZyBQQ0EgMjAxMAITMwAABcFr # bn0BvwY/rQABAAAFwTANBglghkgBZQMEAgEFAKCBsDAZBgkqhkiG9w0BCQMxDAYK # KwYBBAGCNwIBBDAcBgorBgEEAYI3AgELMQ4wDAYKKwYBBAGCNwIBFTAvBgkqhkiG # 9w0BCQQxIgQgKYPR+z863YfHb0oWxTB4f6dv/WLA9d3iZGH6yEDxLO8wRAYKKwYB # BAGCNwIBDDE2MDSgFIASAE0AaQBjAHIAbwBzAG8AZgB0oRyAGmh0dHBzOi8vd3d3 # Lm1pY3Jvc29mdC5jb20gMA0GCSqGSIb3DQEBAQUABIIBAIHUNfeiZs+hfsy6WbVY # 6BlPS+aPel15d2PgZ3JQ/p8ixjj3vgLj7P/HLqxVFN8np6uh2gInOhRojZkTWaJj # hBs0N7RnPfRdqsqOrc554P5aH4uUBEekuRxnWwS5LW6fLM+5aygJUKTiYI1ZXUWZ # JXijBbdD708t169zQ1qbLdUXoKlXWipamIb57RtLk6hzOCj8w+wa7HxLX7LsZn/X # TdmzfBnf1ki819GLMYbcRABfrE2rUKEmpF8ef+nkWl7/RAWpOTiSIOEiZqZM5ESz # 4qqHZf/caUh4RM1KjR/nYuoBANwASZpuvonKDpQI5Pjq3QjYanLyqZDO8kzCRS7T # m4mhghcrMIIXJwYKKwYBBAGCNwMDATGCFxcwghcTBgkqhkiG9w0BBwKgghcEMIIX # AAIBAzEPMA0GCWCGSAFlAwQCAQUAMIIBWQYLKoZIhvcNAQkQAQSgggFIBIIBRDCC # AUACAQEGCisGAQQBhFkKAwEwMTANBglghkgBZQMEAgEFAAQg4jvCjeUO0unL5mem # 89uzAzI9eaqkyTO4WmO6N05x97kCBmVCuty3bRgTMjAyMzExMTYwMjExMjkuNzc2 # WjAEgAIB9KCB2KSB1TCB0jELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0 # b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3Jh # dGlvbjEtMCsGA1UECxMkTWljcm9zb2Z0IElyZWxhbmQgT3BlcmF0aW9ucyBMaW1p # dGVkMSYwJAYDVQQLEx1UaGFsZXMgVFNTIEVTTjowODQyLTRCRTYtQzI5QTElMCMG # A1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2VydmljZaCCEXowggcnMIIFD6AD # AgECAhMzAAAB2o7VyVoA0RGxAAEAAAHaMA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNV # BAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4w # HAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29m # dCBUaW1lLVN0YW1wIFBDQSAyMDEwMB4XDTIzMTAxMjE5MDY1OVoXDTI1MDExMDE5 # MDY1OVowgdIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYD # VQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xLTAr # BgNVBAsTJE1pY3Jvc29mdCBJcmVsYW5kIE9wZXJhdGlvbnMgTGltaXRlZDEmMCQG # A1UECxMdVGhhbGVzIFRTUyBFU046MDg0Mi00QkU2LUMyOUExJTAjBgNVBAMTHE1p # Y3Jvc29mdCBUaW1lLVN0YW1wIFNlcnZpY2UwggIiMA0GCSqGSIb3DQEBAQUAA4IC # DwAwggIKAoICAQCTkAYIdrVRUdY/I0AODQ3/G3Fa10jdPNAjSj0kKO0ue7Apz1NB # SheO8Ni+qh7cJuBJwpRdnK7lxaf5ez6TEINuRO1/MQ5r8a/AQROogEgDwn603m7r # wLGVnCWIcu6a4ArgX+zonV6YLFtcvKelbO7A9mrqf9Lr3mMXl5SrbD4zAqZR5JNG # 2vh4C4aNCevCnY4twzNiufcB8vca7bGCvl/Xq2wxmdppl9++uWkuUO/7oA8TFYM8 # o/NMiZ+lC55Jw/YuJFEMVYaldXXPwxelAXrs37pJDHne7a81BGTEcpWu6ob8FHkJ # YMwkIaWY8/s7EIKV5T3M7xndIqq+5QAsH1RqIOaZSM3RMb7dUwPCZnn/NfWkysB9 # SFRCMGCwOrr0vJEXQOkcbzHG//7pTYyLhnHsspDAFxMp1ayxvVbyuK36wrBi9499 # C5onboPqMK3Ao0GoGJqxpNYQcpF4paPWAfEMsuUNSoRrh+uVd8xcvGtJMGygUbPF # UeB7aD2MPc9Q3XCX2QTtnYc198gDIqQhpukpr5r2r0bF4cvNOY4gKQ8jfrNP2+6L # Ns/IkVhiZOjPbrk9uPd4BVf/SSxoOWCSQiVyPssZDvzl52SbLhrdPs1i3R0uFyFw # Rte6D7uSrBX0Ux0RJaEdnSOhsGmsSMg8kh2DrbyMnZWu7uJX53wo2P6ikwIDAQAB # o4IBSTCCAUUwHQYDVR0OBBYEFKF8jclRPWYTlYsxFFcITYC/D19FMB8GA1UdIwQY # MBaAFJ+nFV0AXmJdg/Tl0mWnG1M1GelyMF8GA1UdHwRYMFYwVKBSoFCGTmh0dHA6 # Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY3JsL01pY3Jvc29mdCUyMFRpbWUt # U3RhbXAlMjBQQ0ElMjAyMDEwKDEpLmNybDBsBggrBgEFBQcBAQRgMF4wXAYIKwYB # BQUHMAKGUGh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY2VydHMvTWlj # cm9zb2Z0JTIwVGltZS1TdGFtcCUyMFBDQSUyMDIwMTAoMSkuY3J0MAwGA1UdEwEB # /wQCMAAwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwgwDgYDVR0PAQH/BAQDAgeAMA0G # CSqGSIb3DQEBCwUAA4ICAQC5g1XU7biNIwBLeNTtjjPAlNt+0xjMoaxq+xcyghBW # l8baKpPyDm0K4qtXGh1Ydr8rkNuJ8903Tgb+63LP6pz4zsZ1xS8mT3mli7DbgEVZ # lFYslWF412AeQ8M2lmYEnGPBii+8ho8lq4e/FiVIIe6xNfuVQ+YdP+q7PXQUagMy # PX4Wc+7KbI7fL58edFhMWwUkh+632mx3p3aXqm05lv0X3Gk/hhSLE/oNno+8ESiK # v0IZ7KBfJqRTTx1dav1iv6xfwoaL5ISTA75arRE1ovexqJTkimpmQvW2IHDyn89v # HnduVictdFbUPT+fgv9nTnw2s9UZnjm9uym3oIWtEnz3K4k3zkVb6jw0mt5/Te3Y # U2O/uPSPHr6GnfYXWfAnyDj37cLd8U19kYTGSQlaBZWmx3L32/OK2hTOnM+RGJPs # dWlRIl7YCukdMZ9cIzFx39AFpUo6kZM70p0SsxbGcBJe+FWoZSlYSPgovUU/fuhn # NMVsye80CFBRNyYosefuyi/AKx3wWPVBS8+LJ26Ce0IqdyAA25FOGS9IkPI/CMa2 # u2kmH06FHn5nLd3TOvX3+BHodiofTbCooqYefPQKf8UtYxEpa34y/4P2W6GkuXfW # tnwOffJrmw7yw+ceTz9++9NL5v2PjyIZqdn077ktrJ3XmQZsk6nFDR0TZgpPp41d # 5zCCB3EwggVZoAMCAQICEzMAAAAVxedrngKbSZkAAAAAABUwDQYJKoZIhvcNAQEL # BQAwgYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH # EwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xMjAwBgNV # BAMTKU1pY3Jvc29mdCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAyMDEwMB4X # DTIxMDkzMDE4MjIyNVoXDTMwMDkzMDE4MzIyNVowfDELMAkGA1UEBhMCVVMxEzAR # BgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1p # Y3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3Rh # bXAgUENBIDIwMTAwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDk4aZM # 57RyIQt5osvXJHm9DtWC0/3unAcH0qlsTnXIyjVX9gF/bErg4r25PhdgM/9cT8dm # 95VTcVrifkpa/rg2Z4VGIwy1jRPPdzLAEBjoYH1qUoNEt6aORmsHFPPFdvWGUNzB # RMhxXFExN6AKOG6N7dcP2CZTfDlhAnrEqv1yaa8dq6z2Nr41JmTamDu6GnszrYBb # fowQHJ1S/rboYiXcag/PXfT+jlPP1uyFVk3v3byNpOORj7I5LFGc6XBpDco2LXCO # Mcg1KL3jtIckw+DJj361VI/c+gVVmG1oO5pGve2krnopN6zL64NF50ZuyjLVwIYw # XE8s4mKyzbnijYjklqwBSru+cakXW2dg3viSkR4dPf0gz3N9QZpGdc3EXzTdEonW # /aUgfX782Z5F37ZyL9t9X4C626p+Nuw2TPYrbqgSUei/BQOj0XOmTTd0lBw0gg/w # EPK3Rxjtp+iZfD9M269ewvPV2HM9Q07BMzlMjgK8QmguEOqEUUbi0b1qGFphAXPK # Z6Je1yh2AuIzGHLXpyDwwvoSCtdjbwzJNmSLW6CmgyFdXzB0kZSU2LlQ+QuJYfM2 # BjUYhEfb3BvR/bLUHMVr9lxSUV0S2yW6r1AFemzFER1y7435UsSFF5PAPBXbGjfH # CBUYP3irRbb1Hode2o+eFnJpxq57t7c+auIurQIDAQABo4IB3TCCAdkwEgYJKwYB # BAGCNxUBBAUCAwEAATAjBgkrBgEEAYI3FQIEFgQUKqdS/mTEmr6CkTxGNSnPEP8v # BO4wHQYDVR0OBBYEFJ+nFV0AXmJdg/Tl0mWnG1M1GelyMFwGA1UdIARVMFMwUQYM # KwYBBAGCN0yDfQEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly93d3cubWljcm9zb2Z0 # LmNvbS9wa2lvcHMvRG9jcy9SZXBvc2l0b3J5Lmh0bTATBgNVHSUEDDAKBggrBgEF # BQcDCDAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMCAYYwDwYD # VR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBTV9lbLj+iiXGJo0T2UkFvXzpoYxDBW # BgNVHR8ETzBNMEugSaBHhkVodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2Ny # bC9wcm9kdWN0cy9NaWNSb29DZXJBdXRfMjAxMC0wNi0yMy5jcmwwWgYIKwYBBQUH # AQEETjBMMEoGCCsGAQUFBzAChj5odHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtp # L2NlcnRzL01pY1Jvb0NlckF1dF8yMDEwLTA2LTIzLmNydDANBgkqhkiG9w0BAQsF # AAOCAgEAnVV9/Cqt4SwfZwExJFvhnnJL/Klv6lwUtj5OR2R4sQaTlz0xM7U518Jx # Nj/aZGx80HU5bbsPMeTCj/ts0aGUGCLu6WZnOlNN3Zi6th542DYunKmCVgADsAW+ # iehp4LoJ7nvfam++Kctu2D9IdQHZGN5tggz1bSNU5HhTdSRXud2f8449xvNo32X2 # pFaq95W2KFUn0CS9QKC/GbYSEhFdPSfgQJY4rPf5KYnDvBewVIVCs/wMnosZiefw # C2qBwoEZQhlSdYo2wh3DYXMuLGt7bj8sCXgU6ZGyqVvfSaN0DLzskYDSPeZKPmY7 # T7uG+jIa2Zb0j/aRAfbOxnT99kxybxCrdTDFNLB62FD+CljdQDzHVG2dY3RILLFO # Ry3BFARxv2T5JL5zbcqOCb2zAVdJVGTZc9d/HltEAY5aGZFrDZ+kKNxnGSgkujhL # mm77IVRrakURR6nxt67I6IleT53S0Ex2tVdUCbFpAUR+fKFhbHP+CrvsQWY9af3L # wUFJfn6Tvsv4O+S3Fb+0zj6lMVGEvL8CwYKiexcdFYmNcP7ntdAoGokLjzbaukz5 # m/8K6TT4JDVnK+ANuOaMmdbhIurwJ0I9JZTmdHRbatGePu1+oDEzfbzL6Xu/OHBE # 0ZDxyKs6ijoIYn/ZcGNTTY3ugm2lBRDBcQZqELQdVTNYs6FwZvKhggLWMIICPwIB # ATCCAQChgdikgdUwgdIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9u # MRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRp # b24xLTArBgNVBAsTJE1pY3Jvc29mdCBJcmVsYW5kIE9wZXJhdGlvbnMgTGltaXRl # ZDEmMCQGA1UECxMdVGhhbGVzIFRTUyBFU046MDg0Mi00QkU2LUMyOUExJTAjBgNV # BAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1wIFNlcnZpY2WiIwoBATAHBgUrDgMCGgMV # AEKiHyGJYx1GzaGNP8I4V0Z/7EgNoIGDMIGApH4wfDELMAkGA1UEBhMCVVMxEzAR # BgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1p # Y3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3Rh # bXAgUENBIDIwMTAwDQYJKoZIhvcNAQEFBQACBQDo/60kMCIYDzIwMjMxMTE2MDQ0 # ODM2WhgPMjAyMzExMTcwNDQ4MzZaMHYwPAYKKwYBBAGEWQoEATEuMCwwCgIFAOj/ # rSQCAQAwCQIBAAIBTAIB/zAHAgEAAgISBjAKAgUA6QD+pAIBADA2BgorBgEEAYRZ # CgQCMSgwJjAMBgorBgEEAYRZCgMCoAowCAIBAAIDB6EgoQowCAIBAAIDAYagMA0G # CSqGSIb3DQEBBQUAA4GBAEb37/xsQyi6nKBnR7K2F5Ro7jHlzgjo6vmaIgSp5QS+ # sXC7X/Am+E5Zv1y8NikxR0ZdfOrrevtpQidx6HwHY5e0azAweFHhAAX7KHqjKuFJ # sQ/H3ifMlMS1tn/lf4cO7LPujq/pNw5sLgtbgEjN700/ef269WDibDr3KbgfME/y # MYIEDTCCBAkCAQEwgZMwfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0 # b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3Jh # dGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTACEzMA # AAHajtXJWgDREbEAAQAAAdowDQYJYIZIAWUDBAIBBQCgggFKMBoGCSqGSIb3DQEJ # AzENBgsqhkiG9w0BCRABBDAvBgkqhkiG9w0BCQQxIgQg2G1cVDQJEkNcsKBaYJqa # Yv1E0Q2aml5kmL2x4cJAXZIwgfoGCyqGSIb3DQEJEAIvMYHqMIHnMIHkMIG9BCAi # paNpYsDvnqTe95Dj1C09020I5ljibrW/ndICOxg9xjCBmDCBgKR+MHwxCzAJBgNV # BAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4w # HAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29m # dCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMzAAAB2o7VyVoA0RGxAAEAAAHaMCIEIFAh # UUEJhAQbsj8cwwL2NJILl4NTXHbQ99KFoQUXpAPJMA0GCSqGSIb3DQEBCwUABIIC # AB4uQS5JBh5CrKmNmHWPhRFLadp4LhUguqvzbhyo9l6IdgrlpaziW9ZZWQd51T9s # 8FHrnRalGbR78dHMBbOYyZ7TJvcXZeoYedf90+qL0KCj0K30+jmYwKdqKhb4lW3Y # AJifctUYL9qmJLNLxgEEM1gAtnDxdS/nyl9fFIA/nrCL3QbR5CtvZcEzJwZjp46B # uwB6cfx7FUhH14JvCv9BBAQXXs2KyQjOmjRzk5y3foH0hAXprfIsWU4oKBfreL7P # vOa8BAng9OH7f4qa+mO8VZHl8CYxxRB6Q0HIY1XWnt6LEHs2gfxOGhm0tMLoUEGb # 8cBoUMF5oiSsDqHAr00HAhm24xKBF5/7cdwIRBy+NMcp39iEGEdmZEQgUlQcUI6w # PcmMcFiPP7fXKb+k6qSl8Ldow8coba1exrJowbjRln3suES5dQJTVOeOfAaYHTWU # 3wdVW+JxyRdz4bzbnvWAeAQQW+Ex4Cy/5u0+eY1cj/rUmdKhgRFY5rkBvH84lwtk # Wn9twTcdbbYcl2fpcohp7R8tE28B+UJ6nUUAdXFK0vNEe+/I+sPJMNGdZfbYVRFD # lHs+BN+GD1/R/I0ReAoVpErxEnz1g5UIGW952M3XYaG3HS8tSBTNsI68mttCYZoI # /NWrvoNUtOcw8fB8tFwFAty8nLDxiHYsM5TfP9re/n/S # SIG # End signature block |